Threat Intelligence Report EclecticIQ Fusion Center Report: ComboJack Malware Alters Clipboards to Steal Cryptocurrency (English)
Unit 42 researchers discovered a new currency stealer dubbed "ComboJack", which targets cryptocurrencies and online wallets.
Report from EclecticIQ Fusion Center from Tuesday 6 March 2018.
- The malware is being spread via a spam email campaign targeting primarily American and Japanese users.
- Malware: ComboJack functions by replacing clipboard addresses with an attacker- controlled address which sends funds into the attacker’s wallet.
- The malware is after Ethereum, Monero, Bitcoin, and Litecoin, but also after funds transferred via Qiwi, WebMoney, and Yandex Money.
- EclecticIQ Fusion Center analysts uncovered additional related indicators and a user potentially behind this malware.